Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/WZwhRYkmf2ggVzrPwv6JIYePZ8Q.roa
File:                     WZwhRYkmf2ggVzrPwv6JIYePZ8Q.roa (raw, json)
Hash identifier:          91ThY3lhLOdFS7n2q2g6Q5OCY142AAiQtSF+cgge1cA=
Subject key identifier:   59:9C:21:45:89:26:7F:68:20:57:3A:CF:C2:FE:89:21:87:8F:67:C4
Certificate issuer:       /CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Certificate serial:       0184F37101DCEA4D4B6AFAF11216E4FB6764
Authority key identifier: E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/WZwhRYkmf2ggVzrPwv6JIYePZ8Q.roa
Signing time:             Thu 08 Dec 2022 20:33:00 +0000
ROA not before:           Thu 08 Dec 2022 20:33:00 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     208485
IP address blocks:        94.154.37.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:f3:71:01:dc:ea:4d:4b:6a:fa:f1:12:16:e4:fb:67:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
        Validity
            Not Before: Dec  8 20:33:00 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=599c214589267f6820573acfc2fe8921878f67c4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:ee:9f:fa:cc:f6:10:54:e6:33:1e:bb:1b:a0:
                    37:d0:bc:b6:fd:e5:0f:12:2e:b7:13:c5:1d:a7:55:
                    17:e1:d4:65:ef:eb:e0:f9:4c:30:7a:c9:2d:32:a0:
                    af:df:f9:86:13:10:4b:38:91:81:79:94:8f:12:83:
                    82:96:11:d0:a1:44:de:97:cc:e1:d5:7b:39:05:25:
                    00:38:e1:c2:88:03:9f:1a:cf:24:48:31:7b:a5:a9:
                    5d:11:60:34:dd:3b:41:aa:58:bc:3a:25:45:f3:47:
                    ee:56:c7:de:2b:ea:93:47:3d:a7:c2:63:5d:0d:d0:
                    38:59:82:ce:bf:90:0e:ed:d3:c3:a9:f7:62:14:23:
                    f2:6e:ee:17:a8:3f:e4:dd:1f:80:4b:6b:d7:c0:25:
                    bd:b5:0f:88:92:32:89:4b:96:b4:d8:af:a3:8b:63:
                    2f:50:03:98:a6:ea:e9:7f:3b:d6:e3:31:38:16:3a:
                    fa:f8:78:27:62:a2:e8:48:e9:9f:be:69:91:a2:c9:
                    b9:67:1b:12:8e:98:1e:31:5b:f6:aa:02:7f:54:61:
                    ea:cc:c5:be:46:f0:3a:3f:c2:8e:ff:64:e6:d2:42:
                    31:cf:f1:2b:41:fa:52:43:cc:bd:e1:73:bc:e8:d8:
                    77:5e:7d:83:79:63:a3:76:8b:54:f6:2c:81:0c:b4:
                    20:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:9C:21:45:89:26:7F:68:20:57:3A:CF:C2:FE:89:21:87:8F:67:C4
            X509v3 Authority Key Identifier:
                keyid:E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/WZwhRYkmf2ggVzrPwv6JIYePZ8Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  94.154.37.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8b:71:f3:8b:6e:57:44:cf:5e:29:10:4f:6f:b9:b2:d0:ad:42:
         2c:32:8f:60:69:60:5f:fb:79:67:1f:3f:f4:ba:d7:f8:c0:fd:
         0a:e4:e0:65:ef:0b:69:b8:0a:e2:6e:3d:f0:87:2a:f2:9f:52:
         18:28:67:b3:ff:63:b9:f4:7e:47:4f:f7:6a:8f:7f:81:49:9b:
         2a:b9:a4:65:7c:f5:87:01:47:3d:25:f1:4f:d2:f1:05:aa:e6:
         09:87:8d:f3:d9:c1:ab:f3:65:43:fe:8c:03:5b:37:e8:ea:52:
         92:63:fb:ca:82:1a:67:24:47:7a:ec:82:7f:16:69:e7:64:c5:
         77:85:da:65:24:7b:5a:48:14:86:6a:4c:0e:9d:a3:3c:68:79:
         94:27:60:5e:c4:56:43:d7:4c:5d:db:5d:7f:56:d4:33:c6:11:
         c0:d2:1f:d8:64:1b:d8:3b:f1:f1:c8:33:a1:eb:75:bb:98:05:
         be:08:e9:86:c1:6c:30:94:08:41:cb:03:1e:b0:57:5e:e9:65:
         2d:bb:5a:49:91:9a:ec:0a:e7:f1:68:9a:b7:19:4b:b7:81:fe:
         c7:98:d4:86:82:e9:32:d4:ac:84:d8:1f:f4:12:07:83:ab:5d:
         5f:3f:ad:5e:c4:f4:38:56:99:0b:46:2c:19:62:6b:72:b3:f6:
         a4:2f:bc:21
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYTzcQHc6k1LavrxEhbk+2dkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2YzODg0Yjc4MDA3YTI1ZGJlMmUyY2VmMGNjNzNiNjk5
MjFmODgwHhcNMjIxMjA4MjAzMzAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTljMjE0NTg5MjY3ZjY4MjA1NzNhY2ZjMmZlODkyMTg3OGY2N2M0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtu6f+sz2EFTmMx67G6A30Ly2/eUP
Ei63E8Udp1UX4dRl7+vg+UwwesktMqCv3/mGExBLOJGBeZSPEoOClhHQoUTel8zh
1Xs5BSUAOOHCiAOfGs8kSDF7paldEWA03TtBqli8OiVF80fuVsfeK+qTRz2nwmNd
DdA4WYLOv5AO7dPDqfdiFCPybu4XqD/k3R+AS2vXwCW9tQ+IkjKJS5a02K+ji2Mv
UAOYpurpfzvW4zE4Fjr6+HgnYqLoSOmfvmmRosm5ZxsSjpgeMVv2qgJ/VGHqzMW+
RvA6P8KO/2Tm0kIxz/ErQfpSQ8y94XO86Nh3Xn2DeWOjdotU9iyBDLQgvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFmcIUWJJn9oIFc6z8L+iSGHj2fEMB8GA1UdIwQY
MBaAFOfPOIS3gAeiXb4uLO8Mxztpkh+IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgt
YTE4NGYzNTU2ZTQzLzEvV1p3aFJZa21mMmdnVnpyUHd2NkpJWWVQWjhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgtYTE4NGYzNTU2ZTQz
LzEvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXpolMA0G
CSqGSIb3DQEBCwUAA4IBAQCLcfOLbldEz14pEE9vubLQrUIsMo9gaWBf+3lnHz/0
utf4wP0K5OBl7wtpuAribj3whyryn1IYKGez/2O59H5HT/dqj3+BSZsquaRlfPWH
AUc9JfFP0vEFquYJh43z2cGr82VD/owDWzfo6lKSY/vKghpnJEd67IJ/FmnnZMV3
hdplJHtaSBSGakwOnaM8aHmUJ2BexFZD10xd211/VtQzxhHA0h/YZBvYO/HxyDOh
63W7mAW+COmGwWwwlAhBywMesFde6WUtu1pJkZrsCufxaJq3GUu3gf7HmNSGguky
1KyE2B/0EgeDq11fP61exPQ4VpkLRiwZYmtys/akL7wh
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:25 2024 by rpki-client on console-fra.rpki-client.org